ModSecurity

ModSecurity is a powerful web application layer firewall for Apache web servers. It monitors the whole HTTP traffic to a site without affecting its functionality and in case it identifies an intrusion attempt, it blocks it. The firewall also maintains a more detailed log for the website visitors than any web server does, so you will be able to monitor what's going on with your Internet sites better than if you rely only on conventional logs. ModSecurity uses security rules based on which it helps prevent attacks. For example, it detects whether anyone is attempting to log in to the administrator area of a given script several times or if a request is sent to execute a file with a certain command. In such cases these attempts set off the corresponding rules and the firewall software blocks the attempts right away, after that records comprehensive details about them inside its logs. ModSecurity is amongst the most effective software firewalls available and it could easily protect your web applications against a large number of threats and vulnerabilities, particularly if you don’t update them or their plugins regularly.

ModSecurity in Cloud Hosting

ModSecurity comes by default with all cloud hosting solutions which we offer and it will be activated automatically for any domain or subdomain you add/create within your Hepsia hosting Control Panel. The firewall has 3 different modes, so you could activate and deactivate it with a mouse click or set it to detection mode, so it will keep a log of all attacks, but it shall not do anything to prevent them. The log for each of your websites will feature comprehensive info such as the nature of the attack, where it came from, what action was taken by ModSecurity, and so forth. The firewall rules that we use are constantly updated and consist of both commercial ones we get from a third-party security firm and custom ones which our system admins include in case that they detect a new type of attacks. This way, the websites you host here shall be much more protected with no action expected on your end.